Anti-Phishing Phriends

The game was created by CMU Usable Privacy and Security Laboratory (CUPS). And it has done a pretty good job of turning internet security training into a game.

The game works like this: you are a fish named Phil who lives in the Interweb Bay. While trying to find something to eat, you need to decide which URL addresses, disguised as worms, are edible.

If you are successful, you move onto other rounds. If you need any advice on identifying a legitimate URL address, Phil’s Father is there to help you. Good ol’Dad.

In between rounds, you get a very clear and concise explanation to your errors and a mini-lesson on typical phishing scams.

What is Phishing?

Phishing is all too common a method of “asking” and tricking info out of unsuspecting account holders. We’ve all seen it – emails urgently asking us for financial info to receive a distant relative’s inheritance, a reputable sites immediate request of a password change through a link or frightening security email alerts.

You may think “who’d fall for those scams. Everyone knows how they work.”

Well the sad fact is that phishing is hard to spot for the average Joe. And it really is up to you, the user, to protect yourself. All you need to do is look at the URL of the site you are visiting. Look carefully. If it’s not correct, don’t insert your data.

Many companies have tried to implement some form of anti-phishing method, to help thier users help themselves. All of these techniques can do nothing more than try and grab your attention so that you remember to check that URL – but they can’t do much more than that. Really, it’s up to you.

So give Anti-Phishing Phil a try – it’s fun, and maybe it’ll help you better understand how to spot a rotten site.